exploitDog

CVE-2025-28972

Опубликовано: 17 июн. 2025

Источник: nvd

CVSS3: 7.6

EPSS Низкий

Описание

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Suhas Surse WP Employee Attendance System allows Blind SQL Injection. This issue affects WP Employee Attendance System: from n/a through 3.5.

Ссылки

https://patchstack.com/database/wordpress/plugin/wp-employee-attendance-system/vulnerability/wordpress-wp-employee-attendance-system-3-5-sql-injection-vulnerability?_s_id=cve

EPSS

Процентиль: 10%

0.00034

Низкий

7.6 High

CVSS3

Дефекты

CWE-89

Связанные уязвимости

GHSA-wmj5-wrgg-pwqg

CVSS3: 7.6

github

8 месяцев назад

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Suhas Surse WP Employee Attendance System allows Blind SQL Injection. This issue affects WP Employee Attendance System: from n/a through 3.5.

EPSS

Процентиль: 10%

0.00034

Низкий

7.6 High

CVSS3

Дефекты

CWE-89